With massive data breaches uncovered daily or weekly, it’s hard not to be a bit numb to the urgency and magnitude of the issue. For most organizations, the problem is far from solved. Apathy in place of outrage at this juncture could diminish any help before it gets started. At the same time, misguided efforts will result in continued failure.
A giant Python-esque foot has not yet come down to condemn the ludicrousness of such a broad catastrophe but losses and damage have been mounting. This year, cybercrime overtook physical crime in the UK, marking a profound changing of the times. The National Crime Agency estimates the annual loss to UK businesses of £1 billion in direct costs, although the more realistic number is far greater, particularly considering the cost of stolen intellectual property and business secrets and other loss and damage not typically reported.
Last year saw the Mirai botnet harness routers and other IoT devices to launch DDoS attacks against internet services.
Is this type of attack something we’re going to see more of in 2017, and what can companies and individuals do to protect themselves? We spoke to Sam Rehman, chief technology officer at attack prevention specialist Arxan Technologies to find out more about security and the Internet of Things.
This is one of the many times of year that retailers have sales, coinciding neatly with the time of year when many people are feeling the pinch after splashing out on food and presents. But if you're scouring Amazon for great deals, watch out for sellers who are actually using low prices to lure you into a phishing scam.
One seller going by the name of (among others) Sc-Elegance uses "used, like new" tech products as bait, ultimately directing buyers to a fraudulent site to make payments. Security experts are warning shoppers to be on their guard.
D-Link is facing a lawsuit brought against it by the US Federal Trade Commission for the poor security of its routers and connected cameras. The FTC says the company failed to take reasonable steps to protect users from hackers.
The FTC is seeking to improve the security of all IoT (internet of things) devices in the wake of compromised devices being used to launch high-profile DDoS attacks such as Marai and Leet Botnet. D-Link argues that the charges brought against it are "unwarranted and baseless" and plans to "vigorously defend itself".
Data breaches are bad news for companies not just in terms of potential losses but in damage to reputation.
Larger enterprises are realising that they need to protect not just their central locations but also their remote and franchise locations in order to guard their brand.
The Mirai botnet is thought to have affected more than 1.5 million smart devices over the past few months.
Router manufacturer Securefi is aiming to combat this problem with the launch of a new IoT device security service. Initially available for the company's Almond 3 routers, Securifi's solution protects connected home devices like DVRs, IP cameras, and smart thermostats from a number of key online threats.
Ransomware has been one of the major threats faced by both businesses and individuals in 2016 and many security analysts don't see it going away any time soon.
Threat intelligence specialist Recorded Future echoes that view and believes we’ll see more attacks aimed at shaming the victims.
Security breaches have been one of the major themes of 2016, so going into the new year it’s no surprise that companies are keen to try to make things more secure.
Password manager Dashlane is announcing enhancements to its software to make use of Intel Software Guard Extensions, a powerful security technology built into the latest Intel Core processors.
A new report from IT research and consulting company Osterman Research reveals that employee turnover and attrition is the number one data protection concern for enterprises.
Of the organizations surveyed, 69 percent indicate that they have suffered significant data or knowledge loss resulting from employees who had left the business.
The system used by millions of travelers each day to share data between travel agencies, airlines, passengers and websites is incredibly insecure. Security researchers have presented details that highlight just how easy it is to hack flight bookings.
German security firm SR Labs says that using nothing more than a traveler's surname and a six-digit Passenger Name Record (PNR), it is possible to not only gather personal information about people, but also make changes to bookings.
The election of Donald Trump has alarmed privacy advocates who worry that the self-described "law-and-order" president will take a more heavy-handed approach towards issues of security and privacy. Of particular concern are fears that there will be attempts to weaken or otherwise disable the encryption that is widely used to protect sensitive data and maintain user privacy.
Based on the proposed cabinet-level nominees put forth by Trump, these fears may be well-founded.
With so much expectation placed on the impact of Blockchain technology, which platform is going to help the industry deliver on those expectations?
If you find that question surprising it is because you’ve only ever heard of Bitcoin when it comes to Blockchain technology, then you won’t be alone.
Already an attractive option for a variety of consumer applications, crowd sourcing is now catching on in the corporate world. One emerging area of crowd sourcing is bug bounty programs. These are rewards offered by organizations to security researchers or whitehat hackers, who receive recognition and financial compensation for finding and reporting bugs, exploits and vulnerabilities in the organizations’ websites and applications.
As a technology company or security professional, it’s easy to see the attraction of running bug bounty programs. But these programs are not without risk, and timing can be a critical factor. Unless they are managed carefully, bug bounty programs can come with serious consequences for your overall security posture.
The use of mobile devices continues to increase, with there being no sign of it slowing down anytime soon. The use of mobile apps is also increasing and is completely dominating mobile internet usage, so it’s no surprise that enterprises are investing in mobile apps in order to boost the impact of their product or service.
The most dominant channel through which to download consumer apps is through stores such as Apple’s iTunes and Google’s Play Store, as well as some third-party marketplaces. A large corporate organization will need to ensure that all information placed within their mobile app is secure. Whether the app is for internal employee use alone, or will be shared with customers, security must be the top priority.